New Drupal RCE vulnerability under active exploitation, patch ASAP!
Yet another Drupal remote code execution vulnerability has been patched by the Drupal security team, who urge users to implement the offered updates immediately as the flaw is …
The Wild West of drive-by cryptocurrency mining
As more and more Coinhive clones continue popping up, chances of users’ CPU power being hijacked for cryptocurrency mining are rising. According to Malwarebytes’ …
Warframe, Clash of Kings players’ info stolen after forum hacks
Two new website hack/ user data theft combos have been revealed last week, and the victims are players of popular mobile real time strategy game Clash of Kings and online …
The gravest dangers for CMS-based websites
Over a third of all websites on the Internet are powered by one of these four key open source platforms: WordPress, Joomla!, Drupal and Magento. This makes the life of …
Drupal moves to fix flaws in update process
After IOActive researcher Fernando Arnaboldi publicly revealed three crucial vulnerabilities in Drupal’s update process last Thursday, the Drupal Security Team published …
Bugs in Drupal’s update process could lead to backdoored updates, site compromise
Drupal’s update process is deeply flawed, says IOActive researcher Fernando Arnaboldi. He recently discovered three separate flaws in it, the worst of which could be …